package com.example.livereplay;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 不需要自定义认证逻辑时，可以不实现任何操作
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 关闭Security
        http.authorizeRequests().anyRequest().permitAll() // 允许所有请求
                .and().csrf().disable() // 关闭CSRF保护
                .httpBasic().disable() // 关闭基本认证
                .formLogin().disable(); // 关闭表单登录
    }
}